Ontological vulnerability assessment

Abstract

Vulnerability assessment is a vital part of the risk management process. The accuracy and reliability of calculated risk depends on comprehensive and correct assessment of system vulnerabilities. Current vulnerability assessment techniques fail to consider systems in their entirety and consequently are unable to identify complex vulnerabilities (i.e. those vulnerabilities that are due to configuration settings and unique system environments). Complex vulnerabilities can exist for example when a unique combination of system components are present in a system and configured in such a way that they can be collectively misused to compromise a system. Ontologies have emerged as a useful means for modeling domains of interest. This research shows that taking an ontological approach to vulnerability assessment results in improved identification of complex vulnerabilities. By ontologically modeling the domain of vulnerability assessment, the resulting ontology can be instantiated with a system of interest. The process of instantiating the ontology doubles as a technique for methodically discovering complex vulnerabilities present in the given system. Furthermore, it is suggested that the instantiated ontology will also be able to be queried in order to discover additional complex vulnerabilities present in the system by reasoning through implicit knowledge captured by the instantiated ontology. © Springer-Verlag Berlin Heidelberg 2008.